package org.dong.samples.web;

import java.util.Calendar;
import java.util.Date;
import javax.servlet.http.HttpSession;
import org.dong.samples.model.User;
import org.dong.samples.model.UserRole;
import org.dong.samples.model.vo.UserVO;
import org.dong.samples.service.ManageRoleService;
import org.dong.samples.service.UserSubjectHibernateService;
import org.dong.samples.util.ExcelUtils;
import org.dong.samples.util.NowTime;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

@Controller
public class LoginController {
	
	@Autowired
	public UserSubjectHibernateService userSubjectHiberanteService;
	
	@Autowired
	private ManageRoleService manageRoleService;
	
	@RequestMapping(value = "/index", method = RequestMethod.GET)
	public String index(){
		return "index/index";
	}
	
	@RequestMapping(value = "/login", method = RequestMethod.GET)
	public String toLogin(Model model){
		User user = new User();
		model.addAttribute("user", user);
		return "login/login";
	}
	
	@RequestMapping(value = "/login", method = RequestMethod.POST)
	public String login(RedirectAttributes redirectAttributes, UserVO vo, HttpSession session) throws Exception{
		if(vo.getUserId() != ""){
			User user = userSubjectHiberanteService.getUserById(vo.getUserId());
			if(user != null){
				if(vo.getPassword() != ""){
					String md5Password = ExcelUtils.MD5(vo.getPassword());
					Date Time = null;
					Calendar TimeCalendar = Calendar.getInstance();
					TimeCalendar.setTime(new Date());
					TimeCalendar.add(Calendar.MINUTE, -5);
					Time = TimeCalendar.getTime();
//					System.out.println(user.getLastLockTime());
					if(user.getLastLockTime().before(Time)){
						System.out.println("不在锁定时间范围内");
						if(md5Password.equals(user.getPassword())){
							userSubjectHiberanteService.insertCount(0, vo.getUserId());
							UserRole ur= manageRoleService.getRoleByUser(vo.getUserId());
							session.setAttribute("userRole", ur);
							session.setAttribute("user", user);
							return "redirect:/index";
						}else{
							if(user.getLoginFailCount() == 3){
								userSubjectHiberanteService.insertCount(0, vo.getUserId());
								userSubjectHiberanteService.insertTime(NowTime.getTime(), vo.getUserId());
								redirectAttributes.addFlashAttribute("message", "账号已锁定，请5分钟后再登录");
							}else{
								userSubjectHiberanteService.insertCount(user.getLoginFailCount()+1, vo.getUserId());
								redirectAttributes.addFlashAttribute("message", "登录失败，账号或密码不正确");
							}
						}
					}else{
						redirectAttributes.addFlashAttribute("message", "账号已锁定，请5分钟后再登录");
					}
				}else{
					redirectAttributes.addFlashAttribute("message", "登录失败，账号或密码不能为空");
				}
			}else{
				redirectAttributes.addFlashAttribute("message", "登录失败，账号或密码不正确");
			}
		}else{
			redirectAttributes.addFlashAttribute("message", "登录失败，账号或密码不能为空");
		}
		return "redirect:/login";
	}
	
	
	@RequestMapping(value = "/logout", method = RequestMethod.GET)
	public String toLogout(Model model, HttpSession session){
		session.removeAttribute("user");
		session.removeAttribute("userRole");
		return "redirect:/login";
	}
}
